Summary
Cumulative Patch for Microsoft IIS (Q327696)
Impact of vulnerability: Ten new vulnerabilities, the most serious of which could enable code of an attacker's choice to be run on a server.
Recommendation: Users using any of the affected
products should install the patch immediately.
Maximum Severity Rating: Critical
Affected Software:
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 5.1
See
http://www.microsoft.com/technet/security/bulletin/ms02-062.mspx
Supersedes
http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx
Severity
Classification
-
CVE CVE-2002-0147, CVE-2002-0149, CVE-2002-0150, CVE-2002-0224, CVE-2002-0869, CVE-2002-1180, CVE-2002-1181, CVE-2002-1182 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft .NET Framework Privilege Elevation Vulnerability (3005210)
- Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability (2387149)
- Message Queuing Remote Code Execution Vulnerability (951071)
- Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
- Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)